RecargaPay is the Super App that simplifies everyday payments for consumers and SMEs in Brazil.The platform streamlines payments for over 6 million Brazilians by consolidating credit and debit cards, instant payments like Pix, and Open Finance, on a mission to democratize mobile payments and financial services in Brazil.Featuring services such as bill payments, mobile top-ups, public transportation, installment plans, and loans, designed with convenience, low cost and flexibility in mind. RecargaPay is changing the way both banked and unbanked Brazilians make their everyday payments and access their financial services.
We are looking for a qualified Information Cyber Security Analyst (CSIRT) to work with the team in the role of investigating, analyzing, researching and responding to incidents.Suggest improvements, create documentation of playbooks, runbooks and use cases.Have ability to identify and classify key threats targeted at the business in order to take preventive measures and improve the detection and response process.Have the knowledge, methods, and techniques used to detect various exploitation activities. Working with digital forensics techniques and look to implement lessons learned processes
Your responsibilities will be:
- Manage Incident Response Plans;
- Develop strategies for threat detection;
- Build mechanisms to automate incident response activities;
- Thorough analysis of incidents, in order to do threat hunting;
- Follow-up and treatment of Threat Intelligence cases;
- Performing the construction and improvement of Playbooks;
- Assemble and direct WAR ROOM actions to contain incidents
- Conduct technical assessments of new cyber threats, such as attack tools, TTP, exploits, malware, etc.
- Provides the necessary technical support for cyber incident response investigations, including containment, eradication and remediation activities from initiation to conclusion with continuous monitoring.
- Update and adapt incident response manuals to address the use cases that are part of the CSIRT scope.
- Maintain technical and executive communication for the opening, follow-up and closing of any security incident.
- Experience in the Incident Response area;
- Experience with script development and automation tools, with a focus on incident response;
- Experience in documenting/ creating reports with details about the incidents;
- Knowledge in handling vulnerabilities using CVE, CVSS, Exploits, etc;
- Have knowledge in SIEM & SOAR tools;
- Solid knowledge in security frameworks such as Nist, Mitre, CIS, Kill Chain, etc;
- Experience investigating security incidents involving malware, data leakage and other artifacts;
- Knowledge in threat intelligence process;
- Malicious software, Phishing and malicious URLs analysis;
- Advanced log analysis;
- Develop, monitor and update metrics related to the progress of activities and their effectiveness, using the actions taken, in order to monitor results and propose improvements in processes;
- Develop research in information security, using reference materials or tools in the market, looking to constantly raise the level of maturity of information security throughout the company;
- Excellent communication skills;
- A background working in a regulated industry such as financial services;
- Experience with Amazon Web Services;
- AWS Cloud Security Certification;
- Certifications in the security field will be a plus.
- Knowledge in Networking (CCNA certificate preferred).
- Knowledge in Python or similar languages;
- Medical and Dental assistance without co-participation;
- Life insurance;
- Flexible Meal voucher - Flash;
- Home office assistance - monthly deposit in the RecargaPay app for personal use;
- Spanish classes;
- Educational partnerships;
- Discount in Universities for Undergraduate, Graduate and MBA courses;
- Anywhere office - work from wherever you want.
Diversity & Inclusion
Diversity is part of our DNA and we are in constant search for representativeness and evolution. We believe that our employees should be who they are, and that is what makes them unique in their roles - regardless of gender, religion, disabilities, LGBTQI+, ethnicity, generations and different experiences. And we are looking for people who are authentic and free to co-create a more inclusive and innovative company and society. Does it sound like you?
The use of your Data
The candidate, when sending the curriculum with personal and professional data to participate in RecargaPay's recruitment and selection process, is aware that the data will be used for the necessary analysis and validations throughout the recruitment process and for hiring, if necessary, as well as authorizes RecargaPay to share the curriculum data with other companies in the RecargaPay group in case opportunities arise in line with the candidate's profile.
In compliance with Law 13.709 / 18, LGPD - General Data Protection Law, the candidate may ask for the updating, rectification and modification of his information during the recruitment and selection process, or, still, request the non-use of the data under the terms applicable law.